Routers & Malware: No Longer Just Your Computer That's Vulnerable

Users of Asus RT routers have reported that a router flaw allows hackers access to data on external USB hard drives attached to the router. Although some security experts believe that only users who have turned on the https service (part of the router’s AICloud feature) were affected, some users have reported their systems were compromised even though they never enabled that feature.

The best way to secure these potentially hackable routers is to update the router’s firmware, make sure all default passwords have been changed, and deactivate any remote access options. For more details on this, check out the excellent article about the situation on ARS Technica.

Security experts have also identified activity online indicating a persistent attack on networks using Linksys routers, particularly those of the Linksys E series. The attack involves the distribution of malware designed to seek out and hijack other networks connected to the Internet by vulnerable devices. Although experts have not been able to identify the purpose of the attack, it is consuming significant bandwidth in specific IP ranges. Some speculate the attackers may be testing their ability to assemble a botnet (a network of compromised computers) that could exploit the Linksys router vulnerability.

Observers say simply restarting the router appears to remove the malware. However, this does not prevent the router from being reinfected. It appears that routers using updated firmware do not become infected, so it is suspected that the vulnerablity must be part of earlier versions of the firmware. Users with Linksys routers in the E series should go to the Linksys website and look for the 2.1 version of the software.

For more on this router-based vulnerability, check out this detailed article on ARS Technica: